UMTS (Universal Mobile Telecommunications System) is the 3G (3rd Generation) mobile communication system standardised by 3GPP (3rd Generation Partnership Project). The 3GPP launched a study item “Evolved UTRA and UTRAN”, better known as “Long Term Evolution (LTE)”. The study will investigate means of achieving major leaps in performance in order to improve service provisioning and to reduce user and operator costs. As a result, and because interworking with other radio access technologies should be possible, the need arose for a new evolved Packet Core Network.
An exemplary representation of the E-UTRAN architecture is given in FIG. 1. The E-UTRAN consists of evolved Node Bs (eNB or eNodeB), providing the E-UTRA user plane (PDCP/RLC/MAC/PHY) and control plane (RRC) protocol terminations towards the mobile node.
The eNB hosts the Physical (PHY), Medium Access Control (MAC), Radio Link Control (RLC), and Packet Data Control Protocol (PDCP) layers that include the functionality of user-plane header-compression and encryption. It also offers Radio Resource Control (RRC) functionality corresponding to the control plane. Further, it performs many functions including radio resource management, admission control, scheduling, enforcement of negotiated UL-QoS (Quality of Service), cell information broadcast, ciphering/deciphering of user and control plane data, and compression/decompression of DL/UL user plane packet headers. The eNBs are also connected by means of the S1 interface to the EPC (Evolved Packet Core), more specifically to the MME (Mobility Management Entity) by means of the S1-MME, and to the Serving Gateway (S-GW) by means of the S1-U.
The S-GW routes and forwards user data packets, while also acting as the mobility anchor for the user plane during inter-eNB handovers and as the anchor for mobility between LTE and other 3GPP technologies (terminating S4 interface and relaying the traffic between 2G/3G systems and Packet Data Network Gateway). For idle state UEs, the S-GW terminates the DL data path and triggers paging when DL data arrives for the UE. It manages and stores UE contexts, e.g. parameters of the IP bearer service, network internal routing information. It also performs replication of the user traffic in case of lawful interception.
The MME is the key control-node for the LTE access-network. It is responsible for idle mode UE tracking and paging procedure including retransmissions. It is involved in the bearer activation/deactivation process and is also responsible for choosing the S-GW for a UE at the initial attach and at time of intra-LTE handover involving Core Network (CN) node relocation. It is responsible for authenticating the user (by interacting with the Home Subscriber Server, HSS). It checks the authorization of the UE to camp on the service provider's Public Land Mobile Network (PLMN) and enforces UE roaming restrictions. The MME is the termination point in the network for ciphering/integrity protection for NAS signaling and handles the security key management. The MME also provides the control plane function for mobility between LTE and 2G/3G access networks with the S3 interface terminating at the MME from the SGSN (Serving GPRS Support Node). The MME also terminates the S6a interface towards the home HSS for roaming UEs.
The Packet Data Network Gateway (PDN-GW) provides connectivity for the UE to external packet data networks by being the point of exit and entry of traffic for the UE. A UE may have simultaneous connectivity with more than one PDN-GW for accessing multiple PDNs. The PDN-GW performs policy enforcement, packet filtering for each user, charging support, lawful interception and packet screening. Another key role of the PDN-GW is to act as the anchor for mobility between 3GPP and non-3GPP technologies.
To summarize the above, in order to support the new E-UTRAN access, the new 3GPP Core Network is mainly separated into three logical entities. First, in the user plane the PDN-GW is the gateway to the external networks and the global mobility anchor for mobility between 3GPP and non-3GPP access technologies (like CDMA2000, WIMAX or WIFI). Second, another user plane entity, the Serving Gateway, is the mobility anchor for mobility between 3GPP accesses (E-UTRAN, UTRAN, GERAN). Third, a Mobility Management Entity is the control plane entity responsible for the mobility management of mobile terminals (also referred to in the following as UEs or MNs) moving between different E-UTRAN base stations (eNodeBs) and also responsible for the session management.
As described above, the MME is responsible for mobility management and session management. For each mobile terminal attached to an MME, specific mobility management and evolved packet system context information is stored in the MME. These contexts comprise, e.g. the mobility state, the temporary identity, the current Tracking Area List, last known cell, authentication vectors, access restrictions, subscribed QoS profile, subscribed charging characteristics, and for each active PDN connection the APN (Access Point Name) in use, IPv4/IPv6 addresses, PDN-GW address for control plane, and also information for each EPS (Evolved Packet System) bearer within the PDN connection, as for example EPS bearer QoS profile, EPS bearer charging characteristics.
The mobility management within the 3GPP system is network controlled, and two protocol variants are standardised for the interface between the PDN-GW and the S-GW. One is based on GTP (GPRS Tunneling Protocol), the protocol used in the legacy GPRS (General Packet Radio Service) system, and the other one is Proxy Mobile IPv6 (PMIPv6), developed in the IETF (Internet Engineering Task Force). For interworking with non-3GPP accesses, the mobile terminal can be connected to the Core Network, i.e. the PDN-GW, via PMIPv6 as well, in case the non-3GPP access supports PMIPv6. Alternatively, if the mobile terminal does not support inter-access handover with PMIPv6 or if the non-3GPP access does not support PMIPv6, the mobile terminal can be connected to the Core Network via Client Mobile IP versions, i.e. Mobile IPv4 Foreign Agent Mode (MIP4FA) or Dual Stack Mobile IPv6 (DSMIPv6).
Before a mobile terminal can access a non-3GPP access network, access authentication needs to be performed. If 3GPP based access authentication is applied in the non-3GPP access, i.e. the 3GPP AAA server/HSS authenticates the mobile terminal, EAP-AKA (Extensible Authentication Protocol-Authentication and Key Agreement) is used.
When the mobile terminal is active in a non-3GPP access network, there is a local IP address used to route packets to the mobile terminal in the non-3GPP access. This IP address is the Care-of Address in the terminology of Mobile IP. In case of DSMIPv6, the address is assigned to the mobile terminal, and the mobile terminal is sending Binding Updates using its Care-of address to the PDN-GW, which has the function of the Home Agent (HA). In case of PMIPv6, the Care-of address is an address of a Mobile Access Gateway (MAG) that is located in the non-3GPP access network, and the MAG is sending Proxy Binding Updates using its (Proxy-) Care-of Address to the PDN-GW of the 3GPP network, which has the function of the Local Mobility Anchor (LMA).
As described above, two different types of non-3GPP accesses are defined, i.e. untrusted non-3GPP access and trusted non-3GPP access, and whether a non-3GPP access is trusted or not is left to the 3GPP operator. Furthermore, a non-3GPP access may be a trusted access for one UE from an operator A and an untrusted access for another UE from operator A.
When the UE moves into or attaches initially in an untrusted non-3GPP access (FIG. 2), it first has to discover an ePDG and establish an IPsec Key Exchange IKEv2/IPsec tunnel with the ePDG, and can then connect to the Evolved Packet Core (EPC) (PDN GW) over the ePDG IPsec tunnel between PDN-GW and ePDG. On the other hand, when the UE moves into or attaches initially in a trusted non-3GPP access (see FIG. 3), it can connect directly to the EPC (PDN GW) via an MIP tunnel.
When a UE performs a handover to an untrusted non-3GPP access network, the UE must first discover an ePDG and then establish a secure tunnel to said ePDG, before the UE can send and receive user data.
The discovery of the ePDG and the establishment of the secure tunnel take time, and thus the handover to the untrusted non-3GPP network access is further delayed. This may entail various disadvantages such as data loss, degradation of communication quality and speech interruptions.
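The trusted and untrusted handover paths described above can be compared in a small model. This is an added example, not part of the original text; it goes beyond the text by assuming ePDG discovery via DNS with the operator-identifier FQDN form of 3GPP TS 23.003. The policy table, the test PLMN 001/01, the latency figures and all function names are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed operator policy: (access network, subscriber class) -> trusted?
# The same access can be trusted for one UE and untrusted for another.
TRUST_POLICY = {
    ("wlan-partner", "corporate"): True,
    ("wlan-partner", "consumer"): False,
}

@dataclass(frozen=True)
class Step:
    name: str
    ms: int  # constructed latency, for illustration only

def epdg_fqdn(mcc: str, mnc: str) -> str:
    """Operator-identifier ePDG FQDN (TS 23.003 form, MNC zero-padded to 3 digits)."""
    if not re.fullmatch(r"[0-9]{3}", mcc) or not re.fullmatch(r"[0-9]{2,3}", mnc):
        raise ValueError("MCC must be 3 digits, MNC 2 or 3 digits")
    return f"epdg.epc.mnc{mnc.zfill(3)}.mcc{mcc}.pub.3gppnetwork.org"

def handover_steps(access: str, subscriber_class: str, mcc: str, mnc: str) -> list[Step]:
    """Ordered steps the UE must finish before user data can flow."""
    # Assumption: an access with no policy entry is treated as untrusted (fail closed).
    if TRUST_POLICY.get((access, subscriber_class), False):
        return [Step("MIP tunnel to PDN-GW", 80)]
    return [
        Step(f"discover ePDG via DNS: {epdg_fqdn(mcc, mnc)}", 60),
        Step("IKEv2/IPsec tunnel UE to ePDG", 400),
        Step("tunnel ePDG to PDN-GW", 80),
    ]

def user_data_allowed(steps: list[Step], completed: int) -> bool:
    """No user data until every step, including the secure tunnel, is done."""
    return completed >= len(steps)

def interruption_ms(steps: list[Step]) -> int:
    """Total delay the handover adds before user data resumes."""
    return sum(s.ms for s in steps)

if __name__ == "__main__":
    for cls in ("corporate", "consumer"):
        plan = handover_steps("wlan-partner", cls, "001", "01")
        print(cls, interruption_ms(plan), [s.name for s in plan])
```

With these constructed figures, the untrusted path adds the ePDG discovery and secure tunnel setup on top of the core network tunnel, which is the extra handover delay the passage identifies.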